Showing papers on "Software as a service published in 2009"

Above the Clouds: A Berkeley View of Cloud Computing

Abstract: Cloud Computing, the long-held dream of computing as a utility, has the potential to transform a large part of the IT industry, making software even more attractive as a service and shaping the way IT hardware is designed and purchased. Developers with innovative ideas for new Internet services no longer require the large capital outlays in hardware to deploy their service or the human expense to operate it. They need not be concerned about overprovisioning for a service whose popularity does not meet their predictions, thus wasting costly resources, or underprovisioning for one that becomes wildly popular, thus missing potential customers and revenue. Moreover, companies with large batch-oriented tasks can get results as quickly as their programs can scale, since using 1000 servers for one hour costs no more than using one server for 1000 hours. This elasticity of resources, without paying a premium for large scale, is unprecedented in the history of IT. Cloud Computing refers to both the applications delivered as services over the Internet and the hardware and systems software in the datacenters that provide those services. The services themselves have long been referred to as Software as a Service (SaaS). The datacenter hardware and software is what we will call a Cloud. When a Cloud is made available in a pay-as-you-go manner to the general public, we call it a Public Cloud; the service being sold is Utility Computing. We use the term Private Cloud to refer to internal datacenters of a business or other organization, not made available to the general public. Thus, Cloud Computing is the sum of SaaS and Utility Computing, but does not include Private Clouds. People can be users or providers of SaaS, or users or providers of Utility Computing. We focus on SaaS Providers (Cloud Users) and Cloud Providers, which have received less attention than SaaS Users. From a hardware point of view, three aspects are new in Cloud Computing.

Secure kNN computation on encrypted databases

Abstract: Service providers like Google and Amazon are moving into the SaaS (Software as a Service) business. They turn their huge infrastructure into a cloud-computing environment and aggressively recruit businesses to run applications on their platforms. To enforce security and privacy on such a service model, we need to protect the data running on the platform. Unfortunately, traditional encryption methods that aim at providing "unbreakable" protection are often not adequate because they do not support the execution of applications such as database queries on the encrypted data. In this paper we discuss the general problem of secure computation on an encrypted database and propose a SCONEDB Secure Computation ON an Encrypted DataBase) model, which captures the execution and security requirements. As a case study, we focus on the problem of k-nearest neighbor (kNN) computation on an encrypted database. We develop a new asymmetric scalar-product-preserving encryption (ASPE) that preserves a special type of scalar product. We use APSE to construct two secure schemes that support kNN computation on encrypted data; each of these schemes is shown to resist practical attacks of a different background knowledge level, at a different overhead cost. Extensive performance studies are carried out to evaluate the overhead and the efficiency of the schemes.

Cloud Computing: Distributed Internet Computing for IT and Scientific Research

Abstract: Cloud computing is a disruptive technology with profound implications not only for Internet services but also for the IT sector as a whole. Its emergence promises to streamline the on-demand provisioning of software, hardware, and data as a service, achieving economies of scale in IT solutions' deployment and operation. This issue's articles tackle topics including architecture and management of cloud computing infrastructures, SaaS and IaaS applications, discovery of services and data in cloud computing infrastructures, and cross-platform interoperability. Still, several outstanding issues exist, particularly related to SLAs, security and privacy, and power efficiency. Other open issues include ownership, data transfer bottlenecks, performance unpredictability, reliability, and software licensing issues. Finally, hosted applications' business models must show a clear pathway to monetizing cloud computing. Several companies have already built Internet consumer services such as search, social networking, Web email, and online commerce that use cloud computing infrastructure. Above all, cloud computing's still unknown "killer application" will determine many of the challenges and the solutions we must develop to make this technology work in practice.

Cloud Security Issues

Abstract: In past three decades, the world of computation has changed from centralized (client-server not web-based) to distributed systems and now we are getting back to the virtual centralization (Cloud Computing). Location of data and processes makes the difference in the realm of computation. On one hand, an individual has full control on data and processes in his/her computer. On the other hand, we have the cloud computing wherein, the service and data maintenance is provided by some vendor which leaves the client/customer unaware of where the processes are running or where the data is stored. So, logically speaking, the client has no control over it. The cloud computing uses the internet as the communication media. When we look at the security of data in the cloud computing, the vendor has to provide some assurance in service level agreements (SLA) to convince the customer on security issues. Organizations use cloud computing as a service infrastructure, critically like to examine the security and confidentiality issues for their business critical insensitive applications. Yet, guaranteeing the security of corporate data in the "cloud" is difficult, if not impossible, as they provide different services like Software as a service (SaaS), Platform as a service (PaaS), and Infrastructure as a service (IaaS). Each service has their own security issues. So the SLA has to describe different levels of security and their complexity based on the services to make the customer understand the security policies that are being implemented. There has to be a standardized way to prepare the SLA irrespective to the providers. This can help some of the enterprises to look forward in using the cloud services. In this paper, we put forward some security issues that have to be included in SLA.

Cloud Computing: The Business Perspective

Abstract: The evolution of cloud computing over the past few years is potentially one of the major advances in the history of computing. However, if cloud computing is to achieve its potential, there needs to be a clear understanding of the various issues involved, both from the perspectives of the providers and the consumers of the technology. While a lot of research is currently taking place in the technology itself, there is an equally urgent need for understanding the business-related issues surrounding cloud computing. In this article, we identify the strengths, weaknesses, opportunities and threats for the cloud computing industry. We then identify the various issues that will affect the different stakeholders of cloud computing. We also issue a set of recommendations for the practitioners who will provide and manage this technology. For IS researchers, we outline the different areas of research that need attention so that we are in a position to advice the industry in the years to come. Finally, we outline some of the key issues facing governmental agencies who, due to the unique nature of the technology, will have to become intimately involved in the regulation of cloud computing.

Cloud Computing, A Practical Approach

Abstract: "The promise of cloud computing is here. These pages provide the 'eyes wide open' insights you need to transform your business." --Christopher Crowhurst, Vice President, Strategic Technology, Thomson Reuters A Down-to-Earth Guide to Cloud Computing Cloud Computing: A Practical Approach provides a comprehensive look at the emerging paradigm of Internet-based enterprise applications and services. This accessible book offers a broad introduction to cloud computing, reviews a wide variety of currently available solutions, and discusses the cost savings and organizational and operational benefits. You'll find details on essential topics, such as hardware, platforms, standards, migration, security, and storage. You'll also learn what other organizations are doing and where they're headed with cloud computing. If your company is considering the move from a traditional network infrastructure to a cutting-edge cloud solution, you need this strategic guide. Cloud Computing: A Practical Approach covers: Costs, benefits, security issues, regulatory concerns, and limitations Service providers, including Google, Microsoft, Amazon, Yahoo, IBM, EMC/VMware, Salesforce.com, and others Hardware, infrastructure, clients, platforms, applications, services, and storage Standards, including HTTP, HTML, DHTML, XMPP, SSL, and OpenID Web services, such as REST, SOAP, and JSON Platform as a Service (PaaS), Software as a Service (SaaS), and Software plus Services (S+S) Custom application development environments, frameworks, strategies, and solutions Local clouds, thin clients, and virtualization Migration, best practices, and emerging standards Table of contents Section One: Getting Started; Chapter 1. The History and Future of Cloud Computing; Chapter 2. Cloud Computing Basics; Chapter 3. Your Organization and Cloud Computing; Chapter 4. Cloud Computing with the Titans (Google, Microsoft, Amazon, Yahoo); Chapter 5. The Business Case for going Cloud (w/ case study); Section Two: Cloud Computing Technology; Chapter 6. Hardware and Infrastructure; Chapter 7. Accessing the Cloud (basics to APIs); Chapter 8. Cloud Storage; Chapter 9. Emerging Standards; Section Three: Cloud Computing at Work; Chapter 10. Software as a Service; Chapter 11. Software Plus Services; Chapter 12. Developing Applications; Chapter 13. Local Clouds and Thin Clients; Chapter 14. Migrating to the Cloud; Appendix A. Best Practices; Appendix B. List of Cloud Computing movers and shakers and Informational Resources

Is Cloud Computing Really Ready for Prime Time

Abstract: Even though the technology faces several significant challenges, many vendors and industry observers predict a bright future for cloud computing.

Data Management in the Cloud: Limitations and Opportunities.

Abstract: Recently the cloud computing paradigm has been receiving significant excitement and attention in the media and blogosphere To some, cloud computing seems to be little more than a marketing umbrella, encompassing topics such as distributed computing, grid computing, utility computing, and softwareas-a-service, that have already received significant research focus and commercial implementation Nonetheless, there exist an increasing number of large companies that are offering cloud computing infrastructure products and services that do not entirely resemble the visions of these individual compo-

An Approach for Selecting Software-as-a-Service (SaaS) Product

Abstract: Software-as-a-Service (SaaS) helps organizations avoid capital expenditure and pay for the functionality as an operational expenditure. Though enterprises are unlikely to use SaaS model for all their information systems needs, certain business functionalities such as Sales Force Automation (SFA), are more seen to be implemented using SaaS model. Such demand has prompted quite a few vendors to offer SFA functionality as SaaS. Enterprises need to adopt an objective approach to ensure they select the most appropriate SaaS product for their needs. This paper presents an approach that makes use of Analytic Hierarchy Process (AHP) technique for prioritizing the product features and also for expert-led scoring of the products.

Drivers of SaaS-Adoption – An Empirical Study of different Application Types

Abstract: Software-as-a-Service (SaaS) is said to become an important cornerstone of the Internet of Services. However, while some market research and IT provider firms fervently support this point of view, others already conjure up the failure of this on-demand sourcing option. Oftentimes based on weak empirical data and shaky reasoning, these inconsistent perspectives lack scientific rigor and neglect to present a more differentiated picture of SaaS-adoption. This study seeks to deepen the understanding of factors driving the adoption of Software-as-a-Service (SaaS). Grounded in transaction cost theory, the resource-based view, and the theory of planned behavior, we develop a research model to assess SaaS-adoption at the application level. Survey data of 297 firms in Germany with 374 valid response items across different industries were collected to test the theoretical model. Our analysis revealed that patterns on the decision on SaaS-adoption differ across application types. Social influence, attitude toward SaaS-adoption, adoption uncertainty, and strategic value turned out to be the strongest and most consistent drivers across all application types. Furthermore, we found that firm size does not matter in SaaS-adoption, since large enterprises and small- and medium-sized companies had similar adoption rates. Overall, this study provides relevant findings that IT vendors can use to better appeal to potential companies that consider adopting SaaS.

The design of the force.com multitenant internet application development platform

Abstract: Force.com is the preeminent on-demand application development platform in use today, supporting some 55,000+ organizations. Individual enterprises and commercial software-as-a-service (SaaS) vendors trust the platform to deliver robust, reliable, Internet-scale applications. To meet the extreme demands of its large user population, Force.com's foundation is a metadatadriven software architecture that enables multitenant applications. The focus of this paper is multitenancy, a fundamental design approach that can dramatically improve SaaS application management. This paper defines multitenancy, explains its benefits, and demonstrates why metadata-driven architectures are the premier choice for implementing multitenancy.

Cloud Computing: Does Nirvana Hide behind the Nebula?

Abstract: At the core of cloud computing is a simple concept: software as a service, or SaaS. Whether the underlying software is an application, application component, platform, framework, environment, or some other soft infrastructure for composing applications to be delivered as a service on the Web, it's all software in the end. But the simplicity ends there. Just a step away from that core, a complex concoction of paradigms, concepts, and technologies envelop cloud computing.

Variability modeling to support customization and deployment of multi-tenant-aware Software as a Service applications

Abstract: More and more companies are offering their software by following the Software as a Service (SaaS) model. The promise of the SaaS model is to exploit economies of scale on the provider side by hosting multiple customers (or tenants) on the same hardware and software infrastructure. However, to attract a significant number of tenants, SaaS applications have to be customizable to fulfill the varying functional and quality requirements of individual tenants. In this paper, we describe how variability modeling techniques from software product line engineering can support SaaS providers in managing the variability of SaaS applications and their requirements. Specifically, we propose using explicit variability models to systematically derive customization and deployment information for individual SaaS tenants. We also demonstrate how variability models could be used to systematically consider information about already deployed SaaS applications for efficiently deploying SaaS applications for new tenants. We illustrate our approach by a running example for a meeting planning application.

Cloud Security with Virtualized Defense and Reputation-Based Trust Mangement

Abstract: Internet clouds work as service factories built around web-scale datacenters. The elastic cloud resources and huge datasets processed are subject to security breaches, privacy abuses, and copyright violations. Provisioned cloud resources on-demand are especially vulnerable to cyber attacks. The cloud platforms built by Google, IBM, and Amazon all reveal this weaknesses. We propose a new approach to integrating virtual clusters, security-reinforced datacenters, and trusted data accesses guided by reputation systems. A hierarchy of P2P reputation systems is suggested to protect clouds and datacenters at the site level and to safeguard the data objects at the file-access level. Different security countermeasures are suggested to protect cloud service models: IaaS, PaaS, and SaaS, currently implemented by Amazon, IBM, and Google, respectively.

Systems and methods for metered software as a service

Abstract: Systems and methods are provided for facilitating software as a service (SAAS) by receiving information of SAAS offerings and metrics for tracking a users use of the SAAS offerings. The systems may be used to create SAAS orders and provide compliance and auditing of the SAAS, as well as generating invoices and receiving payment for the SAAS.

Pricing Strategies of Software Vendors

Abstract: Due to the economic characteristics specific to the software industry, pricing concepts existing in other industries cannot be transferred without adaptation. Therefore, this article provides an overview of pricing models for software. In this context we discuss the six parameters formation of prices, structure of payment flow, assessment base, price discrimination, price bundling, and dynamic pricing strategies. Furthermore, we refer to recent software delivery models, such as Software as a service. The results are based on literature research and empirical studies.

A Transaction Cost Perspective of the Software as a Service Business Model

Abstract: Application service providers (ASP), which host and maintain information technology (IT) applications across the Internet, offer an alternative to traditional models of IT service for user firms. We build on prior literature in transaction cost economics (TCE) to argue that the contract design should address ex post transaction costs that result due to contractual incompleteness and opportunism. We argue that contract design is multidimensional, and that it is necessary to design governance structures that can protect user firms from shirking and monitoring costs, as well as provide for efficient adaptation when requirements are incompletely specified at the start of the initiative. Our empirical analysis suggests that factors such as uncertainty in specifying service requirements, interdependence between the ASP application and IT systems in the client organization, and the need for specific investments favor time and materials contracts, whereas fixed prices are desirable when strong incentives are needed for cost reduction. We also find that contracts that are aligned with transaction attributes in a transaction cost-economizing manner are significantly less likely to experience budget overruns and realize better ex post performance than those that are not. These results hold normative implications for both user and provider firms to assess the performance implications of choosing contracts in line with prescriptions of TCE.

The Decision View's Role in Software Architecture Practice

Abstract: Software development has to deal with many challenges-increasing system complexity, requests for better quality, the burden of maintenance operations, distributed production, and high staff turnover, to name just a few. Increasingly, software companies that strive to reduce their products' maintenance costs demand flexible, easy-to-maintain designs. Software architecture constitutes the cornerstone of software design, key for facing these challenges. Several years after the "software crisis" began in the mid-1970s, software architecture practice emerged as a mature (although still growing) discipline, capable of addressing the increasing complexity of new software systems.

Methods and systems for pricing software infrastructure for a cloud computing environment

Abstract: A software provider system can provide and price software infrastructure for a cloud to a cloud provider based on expected utilization and actual utilization of the cloud. The software provider system can provide the software infrastructure of the cloud and technical support for the software infrastructure under a varying price structure which is dependent on the expected utilization and the actual utilization of the software infrastructure. The software provider system can determine the initial price of the software infrastructure based on the expected utilization of the cloud and a purpose of the cloud. The software provider system can monitor the actual utilization of the software infrastructure, over time, in order to modify the initial price based on the actual utilization of the software infrastructure.

A Quality Model for Evaluating Software-as-a-Service in Cloud Computing

Abstract: Cloud computing is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet. One type of cloud service, SaaS is commonly utilized and it provides several benefits to service consumers. To realize these benefits, it is essential to evaluate the quality of SaaS and manage relatively higher level of its quality based on the evaluation result. Hence, there is a high demand for devising a quality model to evaluate SaaS cloud services. Conventional frameworks do not effectively support SaaS-specific quality aspects such as reusability and accessibility. In this paper, we propose a comprehensive model for evaluating quality of SaaS. We first define key features of SaaS. And then, we derive quality attributes from the key features, and define metrics for the quality attributes. To validate our quality model for SaaS, we conduct assessment based on IEEE 1061. By using the proposed SaaS quality model, SaaS can be evaluated by both service providers. Furthermore, the evaluation results are utilized as an indicator for SaaS quality management.

Introducing Windows Azure

Abstract: Windows Azure is Microsoft's next-generation cloud-computing operating system and is designed to provide companies with new business opportunities as they migrate toward hosted services. Introducing Microsoft Azure provides all the information developers need to get started with this new technology and apply it across a range of situations. Presented in a clear, concise manner, this book provides a carefully measured learning curve for surmounting the architectural and coding challenges that need to be faced when building a well-balanced Windows Azure service. What you'll learn Understand the critical concepts of Azure, such as data storage and retrieval, .NET Services, and SQL Azure Learn to write Azure code and architect cloud-based solutions Gain a comprehensive understanding of cloud computing and how the hosted architecture will impact the way organizations host, deploy, and maintain their solutions Integrate .NET Services and SQL Azure into existing applications to increase their functionality Understand how Azure can be leveraged to solve a variety of programming tasks through extensive exercises and recipes Who is this book for? Introducing Windows Azure is for .NET architects and developers who want to learn how to provide business solutions based on the Microsoft Azure Services platform. Software as a Service (SaaS), a major trend in the computing industry, will grow exponentially in the coming years. This is a book that every developer should have on their bookshelf.

e-government based on cloud computing and service-oriented architecture

Abstract: Two main trends related to e-government are currently observed: constant development of computer infrastructure, and constant increase of users' skills and knowledge of operating computers and the Internet. Public sector should take advantage of those improved conditions for development and deployment of e-government solutions. This can be achieved through the adoption of new architectures such as cloud computing and service-oriented architecture, in the public sector. Cloud computing permits to uniformly cover the whole country with e-government solutions, independently of divergence of local administrative units that may be better or worse prepared to provide e-services. Service-oriented architecture facilitates provision of compound services covering whole customer processes, where a customer may be a citizen or an enterprise. Compound services provided jointly by administrative units and enterprises stimulate development of e-economy and create attractive job for well educated people.

Combining Different Multi-tenancy Patterns in Service-Oriented Applications

Abstract: Software as a service (SaaS) providers exploiteconomies of scale by offering the same instance of an applicationto multiple customers typically in a single-instance multitenantarchitecture model. Therefore the applications must bescalable, multi-tenant aware and configurable. In this paper weshow how the services in a service-oriented SaaS applicationcan be deployed using different multi-tenancy patterns. Wedescribe how the chosen patterns influence the customizability,multi-tenant awareness and scalability of the application. Usingthe patterns we describe how individual services in a multitenantaware application can be not multi-tenant aware whilemaintaining the overall multi-tenant awareness of the application.We show based on a real-world example how the patternscan be used in practice and show how existing applicationsalready use these patterns.

A comparison of flexible schemas for software as a service

Abstract: A multi-tenant database system for Software as a Service (SaaS) should offer schemas that are flexible in that they can be extended different versions of the application and dynamically modified while the system is on-line. This paper presents an experimental comparison of five techniques for implementing flexible schemas for SaaS. In three of these techniques, the database "owns" the schema in that its structure is explicitly defined in DDL. Included here is the commonly-used mapping where each tenant is given their own private tables, which we take as the baseline, and a mapping that employs Sparse Columns in Microsoft SQL Server. These techniques perform well, however they offer only limited support for schema evolution in the presence of existing data. Moreover they do not scale beyond a certain level. In the other two techniques, the application "owns" the schema in that it is mapped into generic structures in the database. Included here are XML in DB2 and Pivot Tables in HBase. These techniques give the application complete control over schema evolution, however they can produce a significant decrease in performance. We conclude that the ideal database for SaaS has not yet been developed and offer some suggestions as to how it should be designed.

Cloud computing is changing how we communicate

Abstract: Cloud computing refers to a network that distributes processing power, applications, and large systems among many computers. Social media channels and many other applications use cloud computing as their platform. But cloud computing goes beyond that, offering a way for people to expand their local computing power onto the (seemingly) infinite processing power of the Internet. One of the results is a changing method of communication. Cloud computing can be a single-function application, an infrastructure on which these applications (and many others) can run, a set of services that offer the advantages of huge amounts of computing resources, and the ability to store large amounts of data remotely. Many companies and educational institutions are just beginning to realize the benefits of cloud-based applications that have traditionally required site licensing, installation, and maintenance. Cloud computing, SaaS, software as a service, social media.

Supporting Database Applications as a Service

Abstract: Multi-tenant data management is a form of Software as a Service (SaaS), whereby a third party service provider hosts databases as a service and provides its customers with seamless mechanisms to create, store and access their databases at the host site. One of the main problems in such a system, as we shall discuss in this paper, is scalability, namely the ability to serve an increasing number of tenants without too much query performance degradation. A promising way to handle the scalability issue is to consolidate tuples from different tenants into the same shared tables. However, this approach introduces two problems: 1) The shared tables are too sparse. 2)Indexing on shared tables is not effective. To resolve the problems, we propose a multi-tenant database system called M-Store, which provides storage and indexing services for multi-tenants. To improve the scalability of the system, we develop two techniques in M-Store: Bitmap Interpreted Tuple(BIT) and Multi-Separated Index (MSI). BIT is efficient in that it does not store NULLs from unused attributes in the shared tables and MSI provides flexibility since it only indexes each tenant's own data on frequently accessed attributes. We extended MySQL based on our proposed design and conducted extensive experiments. The experimental results show that our proposed approach is a promising multi-tenancy storage and indexing scheme which can be easily integrated into existing DBMS.

Towards BPEL in the Cloud: Exploiting Different Delivery Models for the Execution of Business Processes

Abstract: More and more companies are outsourcing parts of their business processes to third party providers to exploit the expertise and economies of scale of these third party providers. In the IT field, emerging delivery models for software such as Software as a Service and cloud computing offer the possibility to outsource applications and computing infrastructure and thus enable enterprises to focus on their core competences. In this paper we investigate how the new delivery models affect the outsourcing of business processes modeled in WS-BPEL. WS-BPEL is the standard to model and execute business processes in Web service-based IT landscapes. We describe how security and trust issues affect the execution of BPEL processes in the cloud and show the requirements on the middleware supporting the execution of BPEL processes.

Frontiers in Information and Software as Services

Abstract: The high cost of creating and maintaining software and hardware infrastructures for delivering services to businesses has led to a notable trend toward the use of third-party service providers, which rent out network presence, computation power, and data storage space to clients with infrastructural needs. These third party service providers can act as data stores as well as entire software suites for improved availability and system scalability, reducing small and medium businesses' burden of managing complex infrastructures. This is called information/application outsourcing or software as a service (SaaS). Emergence of enabling technologies, such as service oriented architectures (SOA), virtual machines, and cloud computing, contribute to this trend. Scientific Grid computing, on-line software services, and business service networks are typical examples leveraging database and software as service paradigm. In this paper, we survey the technologies used to enable SaaS paradigm as well as the current offerings on the market. We also outline research directions in the field.